makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

- solved a problem with magic urls inside brackets, and with bbcodes being treated as IPv6 addresses

Browse source 
- turn NOT IN () and IN () into 1=1 and 1=0 so the database will understand it, instead of throwing an error in sql_in_set [Bug #7118]
- some tiny fixes to fulltext_native


git-svn-id: file:///svn/phpbb/trunk@6886 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann 2007-01-13 22:32:03 +00:00
parent 9372acd017
commit e6421f9274
4 changed files with 35 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/develop/regex.php
View file

@ -49,7 +49,7 @@ $scheme = '[a-z][a-z\d+\-.]*';
$reg_name = "(?:[$unreserved$sub_delims|@]+|$pct_encoded)+"; // rfc: * instead of + and no "|" and no "@" (included instead of userinfo $reg_name = "(?:[$unreserved$sub_delims|@]+|$pct_encoded)+"; // rfc: * instead of + and no "|" and no "@" (included instead of userinfo
//$userinfo = "(?:(?:[$unreserved$sub_delims:]+|$pct_encoded))*"; //$userinfo = "(?:(?:[$unreserved$sub_delims:]+|$pct_encoded))*";
$ipv4_simple = '[0-9.]+'; $ipv4_simple = '[0-9.]+';
$ipv6_simple = '\[[a-z0-9.:]+\]'; $ipv6_simple = '\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\]';
$host = "(?:$reg_name|$ipv4_simple|$ipv6_simple)"; $host = "(?:$reg_name|$ipv4_simple|$ipv6_simple)";
$port = '\d*'; $port = '\d*';
//$authority = "(?:$userinfo@)?$host(?::$port)?"; //$authority = "(?:$userinfo@)?$host(?::$port)?";

12
phpBB/includes/db/dbal.php
View file

@ -289,8 +289,16 @@ class dbal
{ {
if (!sizeof($array)) if (!sizeof($array))
{ {
// Not optimal, but at least the backtrace should help in identifying where the problem lies. // NOT IN () actually means everything so use a tautology
$this->sql_error('No values specified for SQL IN comparison'); if ($negate)
{
return '1=1';
}
// IN () actually means nothing so use a contradiction
else
{
return '1=0';
}
} }
if (!is_array($array)) if (!is_array($array))

20
phpBB/includes/functions.php
View file

@ -2385,15 +2385,15 @@ function make_clickable($text, $server_url = false)
// Be sure to not let the matches cross over. ;) // Be sure to not let the matches cross over. ;)
// relative urls for this board // relative urls for this board
$magic_url_match[] = '#(^|[\n\t (])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url') . ')#ie'; $magic_url_match[] = '#(^|[\n\t (])(' . preg_quote($server_url, '#') . ')/(' . get_preg_expression('relative_url_inline') . ')#ie';
$magic_url_replace[] = "'\$1<!-- l --><a href=\"\$2/' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '\">' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '</a><!-- l -->'"; $magic_url_replace[] = "'\$1<!-- l --><a href=\"\$2/' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '\">' . preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\\\\1', '\$3') . '</a><!-- l -->'";
// matches a xxxx://aaaaa.bbb.cccc. ... // matches a xxxx://aaaaa.bbb.cccc. ...
$magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('url') . ')#ie'; $magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('url_inline') . ')#ie';
$magic_url_replace[] = "'\$1<!-- m --><a href=\"\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- m -->'"; $magic_url_replace[] = "'\$1<!-- m --><a href=\"\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- m -->'";
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing // matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
$magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('www_url') . ')#ie'; $magic_url_match[] = '#(^|[\n\t (])(' . get_preg_expression('www_url_inline') . ')#ie';
$magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'"; $magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'";
// matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode. // matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode.
@ -3001,7 +3001,7 @@ function get_backtrace()
/** /**
* This function returns a regular expression pattern for commonly used expressions * This function returns a regular expression pattern for commonly used expressions
* Use with / as delimiter for email mode and # for url modes * Use with / as delimiter for email mode and # for url modes
* mode can be: email|bbcode_htm|url|www_url|relative_url * mode can be: email|bbcode_htm|url|url_inline|www_url|www_url_inline|relative_url|relative_url_inline
*/ */
function get_preg_expression($mode) function get_preg_expression($mode)
{ {
@ -3022,16 +3022,22 @@ function get_preg_expression($mode)
break; break;
case 'url': case 'url':
case 'url_inline':
$inline = ($mode == 'url') ? ')' : '';
// generated with regex generation file in the develop folder // generated with regex generation file in the develop folder
return "[a-z][a-z\d+\-.]*:/{2}(?:(?:[a-z0-9\-._~!$&'()*+,;=|@]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; return "[a-z][a-z\d+\-.]*:/{2}(?:(?:[a-z0-9\-._~!$&'($inline*+,;=|@]+|%[\dA-F]{2})+|[0-9.]+|\[[a-z0-9.]+:[a-z0-9.]+:[a-z0-9.:]+\])(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
break; break;
case 'www_url': case 'www_url':
return "www\.(?:[a-z0-9\-._~!$&'()*+,;=|@]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; case 'www_url_inline':
$inline = ($mode == 'www_url') ? ')' : '';
return "www\.(?:[a-z0-9\-._~!$&'($inline*+,;=|@]+|%[\dA-F]{2})+(?::\d*)?(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
break; break;
case 'relative_url': case 'relative_url':
return "(?:[a-z0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'()*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'()*+,;=:@/?|]+|%[\dA-F]{2})*)?"; case 'relative_url_inline':
$inline = ($mode == 'relative_url') ? ')' : '';
return "(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*(?:/(?:[a-z0-9\-._~!$&'($inline*+,;=:@|]+|%[\dA-F]{2})*)*(?:\?(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?(?:\#(?:[a-z0-9\-._~!$&'($inline*+,;=:@/?|]+|%[\dA-F]{2})*)?";
break; break;
} }

19
phpBB/includes/search/fulltext_native.php
View file

@ -80,7 +80,7 @@ class fulltext_native extends search_backend
*/ */
function split_keywords($keywords, $terms) function split_keywords($keywords, $terms)
{ {
global $db, $config, $user; global $db, $user;
$keywords = trim($this->cleanup($keywords, '+-|()*')); $keywords = trim($this->cleanup($keywords, '+-|()*'));
@ -273,16 +273,19 @@ class fulltext_native extends search_backend
// if this is an array of words then retrieve an id for each // if this is an array of words then retrieve an id for each
if (is_array($word)) if (is_array($word))
{ {
$non_common_words = array();
$id_words = array(); $id_words = array();
foreach ($word as $i => $word_part) foreach ($word as $i => $word_part)
{ {
if (strpos($word_part, '*') !== false) if (strpos($word_part, '*') !== false)
{ {
$id_words[] = '\'' . $db->sql_escape(str_replace('*', '%', $word_part)) . '\''; $id_words[] = '\'' . $db->sql_escape(str_replace('*', '%', $word_part)) . '\'';
$non_common_words[] = $word_part;
} }
if (isset($words[$word_part])) else if (isset($words[$word_part]))
{ {
$id_words[] = $words[$word_part]; $id_words[] = $words[$word_part];
$non_common_words[] = $word_part;
} }
} }
if (sizeof($id_words)) if (sizeof($id_words))
@ -299,10 +302,11 @@ class fulltext_native extends search_backend
} }
} }
// throw an error if we shall not ignore unexistant words // throw an error if we shall not ignore unexistant words
else if (!$ignore_no_id) else if (!$ignore_no_id && sizeof($non_common_words))
{ {
trigger_error(sprintf($user->lang['WORDS_IN_NO_POST'], implode(', ', $word))); trigger_error(sprintf($user->lang['WORDS_IN_NO_POST'], implode(', ', $non_common_words)));
} }
unset($non_common_words);
} }
// else we only need one id // else we only need one id
else if (($wildcard = strpos($word, '*') !== false) || isset($words[$word])) else if (($wildcard = strpos($word, '*') !== false) || isset($words[$word]))
@ -930,8 +934,7 @@ class fulltext_native extends search_backend
*/ */
function split_message($text) function split_message($text)
{ {
global $phpbb_root_path, $phpEx; global $phpbb_root_path, $phpEx, $user;
global $config, $user;
$match = $words = array(); $match = $words = array();
@ -943,8 +946,8 @@ class fulltext_native extends search_backend
// BBcode // BBcode
$match[] = '#\[\/?[a-z0-9\*\+\-]+(?:=.*?)?(?::[a-z])?(\:?[0-9a-z]{5,})\]#'; $match[] = '#\[\/?[a-z0-9\*\+\-]+(?:=.*?)?(?::[a-z])?(\:?[0-9a-z]{5,})\]#';
$min = $config['fulltext_native_min_chars']; $min = $this->word_length['min'];
$max = $config['fulltext_native_max_chars']; $max = $this->word_length['max'];
$isset_min = $min - 1; $isset_min = $min - 1;